﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data;
using System.Data.SqlClient;

public partial class UserManagementDetail : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {
        try
        {
            //string strAction = "";
            if (Request.QueryString["action"] != null)
            {
                if (Request.QueryString["action"].ToString().ToLower() == "add")
                {
                    //strAction = " - เพิ่มข้อมูล";
                    Session["ACTION"] = "add";
                }
                else if (Request.QueryString["action"].ToString().ToLower() == "edit")
                {
                    //strAction = " - แก้ไขข้อมูล";
                    Session["ACTION"] = "edit";
                    btnClear.Visible = false;
                }
                else if (Request.QueryString["action"].ToString().ToLower() == "view")
                {
                    //strAction = " - เรียกดูข้อมูล";
                    Session["ACTION"] = "view";
                    btnClear.Visible = false;
                    btnSave.Visible = false;
                }
            }

            if (!IsPostBack)
            {
                lblCheckID.Text = "";

                Binding.BindUserType(ddlUserType, true, "0", "โปรดระบุ");
                Binding.BindStatus(ddlStatus, true, "0", "โปรดระบุ");
                //hdnDealID.Value = Request.QueryString["DealID"];

                if (Session["ACTION"].ToString() == "add")
                {
                    btnCheckID.Attributes.Add("onclick", "return CheckUserID()");
                    btnSave.Attributes.Add("onclick", "return VerifySubmit('add')");
                }
                else
                {
                    btnSave.Attributes.Add("onclick", "return VerifySubmit('edit')");
                }
                BindData();
            }
        }
        catch (Exception ex)
        {
            lblMessage.Text = "<br>" + ex.Message + "<br><br>";
        }
    }

    protected void btnCheckID_Click(object sender, EventArgs e)
    {
        try
        {
            DataTable dt = new DataTable();
            DBConn oDBConn = new DBConn();
            oDBConn.OpenConnection();

            SqlCommand oCommand = new SqlCommand("sp_Deal_User_SELECTBYID", oDBConn.DBConnection);
            oCommand.CommandType = CommandType.StoredProcedure;
            oCommand.Parameters.Add("@USER_ID", SqlDbType.VarChar).Value = txtUserID.Text.Trim();

            SqlDataAdapter oDataAdapter = new SqlDataAdapter(oCommand);
            oDataAdapter.Fill(dt);
            oDataAdapter = null;
            oDBConn.Disconnect();

            if (dt.Rows.Count == 0)
            {
                lblCheckID.Text = "รหัสผู้ใช้นี้ สามารถเพิ่มข้อมูลได้";
            }
            else
            {
                lblCheckID.Text = "รหัสผู้ใช้นี้ ซ้ำกับในระบบ";
            }
        }

        catch (Exception ex)
        {
            lblMessage.Text = ex.Message;
        }
    }

    protected void btnSave_Click(object sender, EventArgs e)
    {
        try
        {
            DataTable dt = new DataTable();
            DBConn oDBConn = new DBConn();
            oDBConn.OpenConnection();

            if (Session["ACTION"].ToString() == "add")
            {
                SqlCommand oCommand = new SqlCommand("sp_Deal_User_SELECTBYID", oDBConn.DBConnection);
                oCommand.CommandType = CommandType.StoredProcedure;
                oCommand.Parameters.Add("@USER_ID", SqlDbType.VarChar).Value = txtUserID.Text.Trim();

                SqlDataAdapter oDataAdapter = new SqlDataAdapter(oCommand);
                oDataAdapter.Fill(dt);
                oDataAdapter = null;

                bool blnValidUser = false;
                if (dt.Rows.Count == 0)
                {
                    lblCheckID.Text = "รหัสผู้ใช้นี้ สามารถเพิ่มข้อมูลได้";
                    //lblCheckID.CssClass = "text_info";
                    blnValidUser = true;
                }
                else
                {
                    lblCheckID.Text = "รหัสผู้ใช้นี้ ซ้ำกับในระบบ";
                    //lblCheckID.CssClass = "text_required";
                    blnValidUser = false;
                }

                if (blnValidUser)
                {
                    string strPassword = Security.CipherCode(txtPassword.Text.Trim());

                    oCommand = new SqlCommand("sp_Deal_User_INSERT", oDBConn.DBConnection);
                    oCommand.CommandType = CommandType.StoredProcedure;
                    oCommand.Parameters.Add("@User_ID", SqlDbType.VarChar).Value = txtUserID.Text.Trim();
                    oCommand.Parameters.Add("@User_Password", SqlDbType.VarChar).Value = strPassword;
                    oCommand.Parameters.Add("@User_FirstName", SqlDbType.VarChar).Value = txtName.Text.Trim();
                    oCommand.Parameters.Add("@User_LastName", SqlDbType.VarChar).Value = txtLastname.Text.Trim();
                    oCommand.Parameters.Add("@User_Email", SqlDbType.VarChar).Value = txtEmail.Text.Trim();
                    oCommand.Parameters.Add("@User_TelNo", SqlDbType.VarChar).Value = txtTelNo.Text.Trim();
                    oCommand.Parameters.Add("@User_UserType_ID", SqlDbType.Int).Value = ddlUserType.SelectedValue;
                    oCommand.Parameters.Add("@User_Status", SqlDbType.Bit).Value = 1;
                    oCommand.Parameters.Add("@User_Shop_ID", SqlDbType.BigInt).Value = Session["SHOP_ID"].ToString();
                    oCommand.Parameters.Add("@User_CreateBy", SqlDbType.VarChar).Value = txtUserID.Text.Trim();
                    oCommand.ExecuteNonQuery();
                    oDBConn.Disconnect();

                    Response.Redirect("UserManagementDetail.aspx?action=add&result=1");
                }
            }
            else
            {
                string strPassword = Security.CipherCode(txtPassword.Text.Trim());

                SqlCommand oCommand = new SqlCommand("sp_Deal_User_UPDATE", oDBConn.DBConnection);
                oCommand.CommandType = CommandType.StoredProcedure;
                oCommand.Parameters.Add("@User_ID", SqlDbType.VarChar).Value = lblUserID.Text;
                oCommand.Parameters.Add("@User_FirstName", SqlDbType.VarChar).Value = txtName.Text.Trim();
                oCommand.Parameters.Add("@User_LastName", SqlDbType.VarChar).Value = txtLastname.Text.Trim();
                oCommand.Parameters.Add("@User_Email", SqlDbType.VarChar).Value = txtEmail.Text.Trim();
                oCommand.Parameters.Add("@User_TelNo", SqlDbType.VarChar).Value = txtTelNo.Text.Trim();
                oCommand.Parameters.Add("@User_Type", SqlDbType.Int).Value = ddlUserType.SelectedValue;
                oCommand.Parameters.Add("@User_Status", SqlDbType.Bit).Value = ddlStatus.SelectedValue;
                oCommand.Parameters.Add("@User_ShopID", SqlDbType.BigInt).Value = Session["SHOP_ID"].ToString();
                oCommand.ExecuteNonQuery();

                if (txtPassword.Text == "")
                {
                    oCommand = new SqlCommand("sp_Deal_User_UPDATE_PASSWORD", oDBConn.DBConnection);
                    oCommand.CommandType = CommandType.StoredProcedure;
                    oCommand.Parameters.Add("@User_ID", SqlDbType.VarChar).Value = Session["USER_USERID"].ToString();
                    oCommand.Parameters.Add("@User_Password", SqlDbType.VarChar).Value = hdnPassword.Value;
                    oCommand.ExecuteNonQuery();
                }
                else
                {
                    if (hdnPassword.Value != strPassword)
                    {
                        oCommand = new SqlCommand("sp_Deal_User_UPDATE_PASSWORD", oDBConn.DBConnection);
                        oCommand.CommandType = CommandType.StoredProcedure;
                        oCommand.Parameters.Add("@User_ID", SqlDbType.VarChar).Value = Session["USER_USERID"].ToString();
                        oCommand.Parameters.Add("@User_Password", SqlDbType.VarChar).Value = strPassword;
                        oCommand.ExecuteNonQuery();
                    }
                }
                oDBConn.Disconnect();

                Response.Redirect("UserManagementDetail.aspx?action=edit&result=1&id=" + lblUserID.Text);
            }
        }
        catch (Exception ex)
        {
            lblMessage.Text = "<br>" + ex.Message + "<br><br>";
        }
    }

    protected void btnClear_Click(object sender, EventArgs e)
    {
        txtUserID.Text = "";
        txtPassword.Text = "";
        txtName.Text = "";
        txtLastname.Text = "";
        txtEmail.Text = "";
        txtTelNo.Text = "";
        ddlUserType.SelectedValue = "0";
        ddlStatus.SelectedValue = "0";
    }

    protected void btnBack_Click(object sender, EventArgs e)
    {
        Response.Redirect("UserManagement.aspx");
    }

    private void BindData()
    {
        if (Request.QueryString["result"] != null && Request.QueryString["result"].ToString() == "1")
        {
            if (Session["ACTION"].ToString() == "edit")
                lblMessage.Text = "<br>แก้ไขข้อมูลผู้ใช้งานเรียบร้อยแล้ว<br><br>";
            else
                lblMessage.Text = "<br>เพิ่มข้อมูลผู้ใช้งานเรียบร้อยแล้ว<br><br>";
        }
        if (Session["ACTION"].ToString() == "edit" || Session["ACTION"].ToString() == "view")
        {

            DataTable dt = new DataTable();
            DBConn oDBConn = new DBConn();
            oDBConn.OpenConnection();

            SqlCommand oCommand = new SqlCommand("sp_Deal_User_SELECTBYID", oDBConn.DBConnection);
            oCommand.CommandType = CommandType.StoredProcedure;
            oCommand.Parameters.Add("@User_ID", SqlDbType.VarChar).Value = Request.QueryString["ID"];

            SqlDataAdapter oDataAdapter = new SqlDataAdapter(oCommand);
            oDataAdapter.Fill(dt);
            oDataAdapter = null;
            oDBConn.Disconnect();

            if (dt.Rows.Count > 0)
            {
                string strPassword = dt.Rows[0]["User_Password"].ToString();

                if (Session["ACTION"].ToString() == "edit")
                {
                    btnCheckID.Visible = false;
                    txtUserID.Visible = false;
                    hdnPassword.Value = strPassword;

                    lblUserID.Text = dt.Rows[0]["User_ID"].ToString();
                    txtUserID.Text = dt.Rows[0]["User_ID"].ToString();
                    txtName.Text = dt.Rows[0]["User_FirstName"].ToString();
                    txtLastname.Text = dt.Rows[0]["User_LastName"].ToString();
                    txtEmail.Text = dt.Rows[0]["User_Email"].ToString();
                    txtTelNo.Text = dt.Rows[0]["User_TelNo"].ToString();
                    ddlUserType.SelectedValue = dt.Rows[0]["User_UserType_ID"].ToString();
                    ddlStatus.SelectedValue = dt.Rows[0]["User_Status"].ToString();
                }
                else
                {

                    btnCheckID.Visible = false;
                    txtUserID.Visible = false;
                    txtPassword.Visible = false;
                    txtName.Visible = false;
                    txtLastname.Visible = false;
                    txtEmail.Visible = false;
                    txtTelNo.Visible = false;
                    ddlUserType.Visible = false;
                    ddlStatus.Visible = false;
                    trPassword.Visible = false;

                    lblUserID.Text = dt.Rows[0]["User_ID"].ToString();
                    lblName.Text = dt.Rows[0]["User_FirstName"].ToString();
                    lblLastname.Text = dt.Rows[0]["User_LastName"].ToString();
                    lblEmail.Text = dt.Rows[0]["User_Email"].ToString();
                    lblTelNo.Text = dt.Rows[0]["User_TelNo"].ToString();
                    lblUserType.Text = dt.Rows[0]["UserType_Name"].ToString();
                    if (dt.Rows[0]["User_Status"].ToString() == "True")
                    {
                        lblStatus.Text = "Active";
                    }
                    else
                    {
                        lblStatus.Text = "Inactive";
                    }
                }
            }
        }
        else
        {
            btnCheckID.Visible = true;
        }
    }
}
